NetworkPolicy

templates/NetworkPolicy.yaml

@@ -3,101 +3,73 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: dragonfly
-  namespace: memelord-raiko
+  namespace: memelord-laurivosandi
 spec:
   podSelector:
     matchLabels:
-      app: memelord-raiko-redis
+      app: memelord-laurivosandi-redis
+      app.kubernetes.io/name: dragonfly
   policyTypes:
-    - Ingress
+  - Ingress
   ingress:
-    # App -> Redis
+  - from:
-    - from:
+    - podSelector:
-        - podSelector:
+        matchLabels:
-            matchLabels:
+           app: memelord
-              app: memelord-raiko
+    ports:
-      ports:
+    - protocol: TCP
-        - protocol: TCP
+      port: 6379
-          port: 6379
+  - from: # Dragonfly replication
-
+    - podSelector:
-    # Prom -> Redis
+        matchLabels:
-    - from:
+          app: memelord-laurivosandi-redis
-        - namespaceSelector:
+          app.kubernetes.io/name: dragonfly
-            matchLabels:
+    ports:
-              kubernetes.io/metadata.name: monitoring
+    - protocol: TCP
-      ports:
+      port: 9999
-        - protocol: TCP
-          port: 6379
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: postgres
-  namespace: memelord-raiko
+  namespace: memelord-laurivosandi
 spec:
   podSelector:
     matchLabels:
-      cnpg.io/cluster: memelord-raiko-database
+      cnpg.io/cluster: memelord-laurivosandi-database
   policyTypes:
-    - Ingress
+  - Ingress
   ingress:
-    # App -> Postgres SQL
+  - from:
-    - from:
+    - podSelector:
-        - podSelector:
+        matchLabels:
-            matchLabels:
+           app: memelord
-              app: memelord
+    - podSelector: # Primary-secondary replication!
-      ports:
+        matchLabels:
-        - protocol: TCP
+          cnpg.io/cluster: memelord-laurivosandi-database
-          port: 5432
+    ports:
-
+    - protocol: TCP
-    # Primary-secondary replication (jääb alles)
+      port: 5432
-    - from:
+  - ports: # Probes do work now!
-        - podSelector:
+    - protocol: TCP
-            matchLabels:
+      port: 8000
-              cnpg.io/cluster: memelord-raiko-database
-      ports:
-        - protocol: TCP
-          port: 5432
-
-    # CNPG operator/controller -> Postgres management/health (sinu log näitas port 8000)
-    - from:
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: cnpg-system
-      ports:
-        - protocol: TCP
-          port: 8000
-
-    # Prometheus -> Postgres (vali õige port vastavalt exporterile/metricsile)
-    - from:
-        - namespaceSelector:
-            matchLabels:
-              kubernetes.io/metadata.name: monitoring
-      ports:
-        - protocol: TCP
-          port: 5432
-        # - protocol: TCP
-        #   port: 9187
-
 ---
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: memelord
-  namespace: memelord-raiko
+  namespace: memelord-laurivosandi
 spec:
   podSelector:
     matchLabels:
-      app: memelord
+       app: memelord
   policyTypes:
-    - Ingress
+  - Ingress
   ingress:
-    - from:
+  - from:
-        - namespaceSelector:
+    - namespaceSelector:
-            matchLabels:
+        matchLabels:
-              kubernetes.io/metadata.name: traefik
+          kubernetes.io/metadata.name: traefik
-      ports:
+    ports:
-        - protocol: TCP
+    - protocol: TCP
-          port: 8000
+      port: 8000
-
-